http://communities.intel.com/community/openportit/it/blog IT@Intel Thu, 01 Oct 2009 20:49:36 GMT Clearspace 2.5.9 (http://jivesoftware.com/products/clearspace/) 2009-10-01T20:49:36Z http://communities.intel.com/community/openportit/it/blog/2009/10/01/getting-rid-of-the-blue-screen I just read this paper authored by some of Intel's IT experts in the area of client management.  As an employee of Intel, I am now a huge fan of these rock stars.  Why? because they were able, through proactive IT management practices, reduce blue client intel_it it it@intel measure value vpro chris_peters blue_screen business_continuity business_value productivity employee solutions Thu, 01 Oct 2009 20:49:36 GMT christopher.p.peters@intel.com http://communities.intel.com/community/openportit/it/blog/2009/10/01/getting-rid-of-the-blue-screen 2009-10-01T20:49:36Z 1 month, 3 weeks ago http://communities.intel.com/community/openportit/it/blog/comment/getting-rid-of-the-blue-screen http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=12646 http://communities.intel.com/community/openportit/it/blog/2009/09/17/fortune-cookie-security-advice--confusing-security-measures-and-metrics--sept-2009 Measures generate data and metrics organize data to generate information.  The difference between ‘data’ and ‘information’, the former is something you know, the latter is something you use.   Everyone wants information security to be easy.  concern analysis value optimal rosenquist threat security matthew_rosenquist information fear corporate_security metric measure model matthew risk Thu, 17 Sep 2009 17:07:03 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2009/09/17/fortune-cookie-security-advice--confusing-security-measures-and-metrics--sept-2009 2009-09-17T17:07:03Z 2 months, 1 week ago 1 http://communities.intel.com/community/openportit/it/blog/comment/fortune-cookie-security-advice--confusing-security-measures-and-metrics--sept-2009 http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=12568 http://communities.intel.com/community/openportit/it/blog/2009/07/31/fortune-cookie-security-advice--no-royal-road-to-security--july-2009 There is no Royal Road to understanding and achieving information security   Everyone wants information security to be easy.  Wouldn’t it be nice if it were simple enough to fit snugly inside a fortune cookie?  Well, although I don’t try to promote value concern matthew corporate_security analysis security information optimal model matthew_rosenquist rosenquist threat risk fear measure Fri, 31 Jul 2009 18:46:52 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2009/07/31/fortune-cookie-security-advice--no-royal-road-to-security--july-2009 2009-07-31T18:46:52Z 3 months, 4 weeks ago http://communities.intel.com/community/openportit/it/blog/comment/fortune-cookie-security-advice--no-royal-road-to-security--july-2009 http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=12405 http://communities.intel.com/community/openportit/it/blog/2009/07/09/the-sad-story-of-information-security-risk-metrics Risk metrics are the heart and soul of information security indicators.  An increasing proliferation of tools and assessments has emerged, attempting to quantify states of information security.  Given the nature of what is trying to be measured, this is openportpromo rosi roi value information_security threat measure security optimal_security model risk matthew_rosenquist matthew rosenquist metric Thu, 09 Jul 2009 17:27:47 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2009/07/09/the-sad-story-of-information-security-risk-metrics 2009-07-09T17:27:47Z 4 months, 3 weeks ago 1 http://communities.intel.com/community/openportit/it/blog/comment/the-sad-story-of-information-security-risk-metrics http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=12333 http://communities.intel.com/community/openportit/it/blog/2009/06/16/fortune-cookie-security-advice-strategic-competitive-secure--june-2009 Think strategic.  Act competitive.  Be secure.   Everyone wants information security to be easy.  Wouldn’t it be nice if it were simple enough to fit snugly inside a fortune cookie?  Well, although I don’t try to promote such foolish nonsense, I do security it@intel analysis secure matthew_rosenquist information_security openportpromo model threat optimal_security it value rosenquist strategy measure corporate_security intel_it risk Tue, 16 Jun 2009 21:12:49 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2009/06/16/fortune-cookie-security-advice-strategic-competitive-secure--june-2009 2009-06-16T21:12:49Z 5 months, 2 weeks ago http://communities.intel.com/community/openportit/it/blog/comment/fortune-cookie-security-advice-strategic-competitive-secure--june-2009 http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=12277 http://communities.intel.com/community/openportit/it/blog/2009/05/26/fortune-cookie-security-advice--may-2009 Everyone wants information security to be easy.  Wouldn’t it be nice if it were simple enough to fit snugly inside a fortune cookie?  Well, although I don’t try to promote such foolish nonsense, I do on occasion pass on readily digestible nuggets to fear corporate_security information_security measure optimal_security matthew_rosenquist openportpromo risk model analysis threat it value concern it@intel rosenquist intel_it security Tue, 26 May 2009 18:00:19 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2009/05/26/fortune-cookie-security-advice--may-2009 2009-05-26T18:00:19Z 6 months, 5 days ago http://communities.intel.com/community/openportit/it/blog/comment/fortune-cookie-security-advice--may-2009 http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=12198 http://communities.intel.com/community/openportit/it/blog/2009/05/12/traps-of-measuring-security-risks We naturally take comfort in being able to quantify the vagueness of challenges in our existence.  This past week, I was again reminded the cup of information security is filled partially with the complexities of human perception and ambiguity of it@intel vulnerability risk threat information_security model matthew_rosenquist security rosenquist optimal_security analysis measurement measure openportpromo it intel_it Tue, 12 May 2009 20:29:15 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2009/05/12/traps-of-measuring-security-risks 2009-05-12T20:29:15Z 6 months, 2 weeks ago http://communities.intel.com/community/openportit/it/blog/comment/traps-of-measuring-security-risks http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=12155 http://communities.intel.com/community/openportit/it/blog/2009/03/02/top-techniques-for-measuring-security-value Choosing the right method to measure security value is important but not necessarily intuitive.   Some years ago, at the prodding of our department training expert, I developed a class teaching how to think critically while calculating information security model rosi information_security value rosenquist risk measure roi matthew_rosenquist metric optimal_security Mon, 02 Mar 2009 19:06:46 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2009/03/02/top-techniques-for-measuring-security-value 2009-03-02T19:06:46Z 9 months, 10 hours ago 1 http://communities.intel.com/community/openportit/it/blog/comment/top-techniques-for-measuring-security-value http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=11937 http://communities.intel.com/community/openportit/it/blog/2008/05/22/blogtalk-radio-discussion-the-problem-of-measuring-security Good security conversations benefit all involved. The more we share, discuss, and challenge each other, the more we advance our industry. Thankfully, I have the benefit of working closely with a brigade of information security professionals and we security roi value measure rosi information_security optimal_security model risk tim_casey matthew_rosenquist rosenquist casey Thu, 22 May 2008 21:28:29 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2008/05/22/blogtalk-radio-discussion-the-problem-of-measuring-security 2008-05-22T21:28:29Z 1 year, 6 months ago 3 http://communities.intel.com/community/openportit/it/blog/comment/blogtalk-radio-discussion-the-problem-of-measuring-security http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=11207 http://communities.intel.com/community/openportit/it/blog/2007/09/04/the-four-dirty-questions-of-measuring-information-security In my experience over the years, calculating security value and providing consulting to others doing the same, I have noticed the same 4 questions tend to rear their ugly heads. Requests by senior managers, finance analyst, business value analysts, optimal_security model risk matthew_rosenquist rosenquist security roi value rosi information_security measure Tue, 04 Sep 2007 15:21:00 GMT matthew.rosenquist@intel.com http://communities.intel.com/community/openportit/it/blog/2007/09/04/the-four-dirty-questions-of-measuring-information-security 2007-09-04T15:21:00Z 2 years, 3 months ago 2 http://communities.intel.com/community/openportit/it/blog/comment/the-four-dirty-questions-of-measuring-information-security http://communities.intel.com/community/openportit/it/blog/feeds/comments?blogPost=1075